long@ittvax.UUCP (H. Morrow Long [Systems Center]) (02/28/85)
Index: scame/src/main.c
Description:
If scame is started up with no file arguments (and gazonk
doesn't exist) and a space is typed in (as the first character)
or the user immediately selects overwrite mode and types in ANY
character - scame will abort prematurely with the message
"Segmentation Violation (Core Dumped)".
This occurred on a Vax 11/780 running 4.2bsd. The latest bug
fixes posted to the net had been applied to the scame source.
(For the technically inclined)
------------------------------
Debugging with adb showed the problem occurring in k_insertc()
(called by editloop() <- called by main()) where *dot is tested
to see if it is equal to '\n' (after this is a test which would
be true, dot is equal to z in the beginning). Alternatively,
and also causing a core dump, if the character being inserted
is not a space but overwrite mode is in effect we try to store
cmdchar in *dot. The problem is caused by the fact that SCAME
does not really use malloc/free for memory allocation but sets
dot, z and other pointer variable to the beginning of dynamic
memory (via sbrk(0)) in main() and sbrk()'s additional memory
if arithmetic on the various pointers warrants it when
inserting characters (using incbuf() in scame0.c).
Unfortunately no memory has been allocated in the described
circumstances for dot (or z, etc) to point to yet.
Repeat-By:
$ scame -r
...type a space immediately
or
$ scame -r
^[^Xoverwrite
....type any character
Fix:
% rcsdiff -c main.c
RCS file: RCS/main.c,v
retrieving revision 1.3
diff -c -r1.3 main.c
*** /tmp/,RCSt1012276 Wed Feb 27 19:31:06 1985
--- main.c Wed Feb 27 19:30:49 1985
***************
*** 142,148
#endif
getwd(currentdir);
free(malloc(0x80)); /* For getchar(). */
! buf=sbrk(0); /* Obtain the startaddress of the buffer */
bufsize = 0;
dot=home=z=otherdot=otherhome=gaps=gape=buf;
away=NIL;
--- 142,151 -----
#endif
getwd(currentdir);
free(malloc(0x80)); /* For getchar(). */
! /*
! * Make sure at least one byte gets allocated.
! */
! buf=sbrk(1); /* Obtain the startaddress of the buffer */
bufsize = 0;
dot=home=z=otherdot=otherhome=gaps=gape=buf;
away=NIL;
%
--
H. Morrow Long
ITT-ATC Systems Center,
1 Research Drive Shelton, CT 06484
Phone #: (203)-929-7341 x. 634
path = {allegra bunker ctcgrafx dcdvaxb dcdwest ucbvax!decvax duke eosp1
ittral lbl-csam milford mit-eddie psuvax1 purdue qubix qumix
research sii supai tmmnet twg uf-cgrl wxlvax yale}!ittvax!long